From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jan Kiszka Subject: Re: [PATCH 0/8] use jump labels to streamline common APIC configuration Date: Tue, 14 Aug 2012 17:09:15 +0200 Message-ID: <502A6A1B.8000408@siemens.com> References: <501E760E.9050109@redhat.com> <20120805133549.GL27579@redhat.com> <501E7839.2030008@redhat.com> <20120805134842.GM27579@redhat.com> <501E7C85.70001@redhat.com> <20120805140305.GN27579@redhat.com> <502A5A16.6040506@siemens.com> <502A5AE0.3080608@redhat.com> <20120814140701.GN11194@redhat.com> <502A5CFD.8080604@siemens.com> <20120814144417.GQ11194@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Avi Kivity , "kvm@vger.kernel.org" , "mtosatti@redhat.com" To: Gleb Natapov Return-path: Received: from david.siemens.de ([192.35.17.14]:34018 "EHLO david.siemens.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753173Ab2HNPJT (ORCPT ); Tue, 14 Aug 2012 11:09:19 -0400 In-Reply-To: <20120814144417.GQ11194@redhat.com> Sender: kvm-owner@vger.kernel.org List-ID: On 2012-08-14 16:44, Gleb Natapov wrote: > On Tue, Aug 14, 2012 at 04:13:17PM +0200, Jan Kiszka wrote: >> On 2012-08-14 16:07, Gleb Natapov wrote: >>> On Tue, Aug 14, 2012 at 05:04:16PM +0300, Avi Kivity wrote: >>>> On 08/14/2012 05:00 PM, Jan Kiszka wrote: >>>> >>>>>>> The host can prevent this by leaving disabling the guest pmu. But >>>>>>> disabling jump labels for real-time kernels may be acceptable too. We >>>>>>> can probably to it at run time by forcing the slow path at all times. >>>>>> Yes, it is possible to add module option that will force slow path if >>>>>> needed. >>>>> >>>>> Should I write a patch or will you? Having host-side stop_machine due to >>>>> such common guest operations is indeed a no-go for RT. >>>>> >>>> >>>> Note that an additional patch is needed for perf, otherwise the guest >>>> (or a user, but that's less of a concern for realtime) can easily invoke >>>> stop_machine by configuring and unconfiguring its pmu. >>>> >>>> >>> Are we talking about malicious guests? Why not compile kernel with jump >>> label disabled if this is serious concern? >> >> Because jump labels are still useful for other purposes (e.g. tracing) - >> provided you don't use them while a critical operation is running. It's >> cumbersome to require static configuration, specifically given that we >> could easily control dynamically it at KVM level. >> > I am not against parameter. I just think you are fighting uphill battle. > jump-label is not trace only thing. Their use expect to grow in kernel > and those that this patchset adds are not the first that can be triggered > by regular user. BTW there is work to make patching without calling > stop_machine(). Yes, there might be more, but not under direct control of the guests, typically the workload that you don't have under the same control as your host processes. Will the stop_machine-free version hit the kernel together or shortly after your changes? I didn't follow that work. Jan -- Siemens AG, Corporate Technology, CT RTC ITP SDP-DE Corporate Competence Center Embedded Linux